mirror of
https://github.com/arun11299/cpp-jwt.git
synced 2025-06-03 10:27:41 +00:00
Fail with no key if algorithm is not NONE
This commit is contained in:
Arun M
parent
f8eebbede0
commit
cb1847142e
5 changed files with 50 additions and 3 deletions
|
|
@ -11,6 +11,7 @@ enum class AlgorithmErrc
|
||||||
{
|
{
|
||||||
SigningErr = 1,
|
SigningErr = 1,
|
||||||
VerificationErr,
|
VerificationErr,
|
||||||
|
KeyNotFoundErr,
|
||||||
NoneAlgorithmUsed, // Not an actual error!
|
NoneAlgorithmUsed, // Not an actual error!
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -22,6 +22,8 @@ struct AlgorithmErrCategory: std::error_category
|
||||||
return "signing failed";
|
return "signing failed";
|
||||||
case AlgorithmErrc::VerificationErr:
|
case AlgorithmErrc::VerificationErr:
|
||||||
return "verification failed";
|
return "verification failed";
|
||||||
|
case AlgorithmErrc::KeyNotFoundErr:
|
||||||
|
return "key not provided";
|
||||||
case AlgorithmErrc::NoneAlgorithmUsed:
|
case AlgorithmErrc::NoneAlgorithmUsed:
|
||||||
return "none algorithm used";
|
return "none algorithm used";
|
||||||
};
|
};
|
||||||
|
|
|
||||||
|
|
@ -338,6 +338,15 @@ jwt_object& jwt_object::remove_claim(const string_view name)
|
||||||
std::string jwt_object::signature(std::error_code& ec) const
|
std::string jwt_object::signature(std::error_code& ec) const
|
||||||
{
|
{
|
||||||
ec.clear();
|
ec.clear();
|
||||||
|
|
||||||
|
//key/secret should be set for any algorithm except NONE
|
||||||
|
if (header().algo() != jwt::algorithm::NONE) {
|
||||||
|
if (secret_.length() == 0) {
|
||||||
|
ec = AlgorithmErrc::KeyNotFoundErr;
|
||||||
|
return {};
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
jwt_signature jws{secret_};
|
jwt_signature jws{secret_};
|
||||||
return jws.encode(header_, payload_, ec);
|
return jws.encode(header_, payload_, ec);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Binary file not shown.
|
|
@ -138,9 +138,7 @@ TEST (EncodeTest, StrEncodeHS512WithKey)
|
||||||
|
|
||||||
jwt::string_view key = "00112233445566778899";
|
jwt::string_view key = "00112233445566778899";
|
||||||
|
|
||||||
//TODO: map of jwt::string_view not working
|
std::map<jwt::string_view, jwt::string_view> p;
|
||||||
|
|
||||||
std::map<std::string, std::string> p;
|
|
||||||
p["aud"] = "rift.io";
|
p["aud"] = "rift.io";
|
||||||
p["sub"] = "nothing much";
|
p["sub"] = "nothing much";
|
||||||
|
|
||||||
|
|
@ -180,6 +178,43 @@ TEST (EncodeTest, StrEncodeChangeAlg)
|
||||||
EXPECT_EQ (expected_none_sign, enc_str);
|
EXPECT_EQ (expected_none_sign, enc_str);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
TEST (EncodeTest, StrEncodeNoKey)
|
||||||
|
{
|
||||||
|
using namespace jwt::params;
|
||||||
|
|
||||||
|
jwt::jwt_object obj{algorithm(jwt::algorithm::HS512),
|
||||||
|
payload({{"iss", "arn-ml"}})
|
||||||
|
};
|
||||||
|
|
||||||
|
std::error_code ec;
|
||||||
|
std::string enc_str = obj.signature(ec);
|
||||||
|
|
||||||
|
ASSERT_TRUE (ec);
|
||||||
|
EXPECT_EQ (ec.value(), static_cast<int>(jwt::AlgorithmErrc::KeyNotFoundErr));
|
||||||
|
}
|
||||||
|
|
||||||
|
TEST (EncodeTest, StrEncodeNoneAlgWithKey)
|
||||||
|
{
|
||||||
|
using namespace jwt::params;
|
||||||
|
|
||||||
|
const jwt::string_view secret1 = "abcdefghijklmnopqrstuvwxyz";
|
||||||
|
const jwt::string_view secret2 = "0123456789qwertybabe";
|
||||||
|
|
||||||
|
jwt::jwt_object obj{algorithm("NONE"),
|
||||||
|
payload({{"iss", "arn-ml"}}),
|
||||||
|
secret(secret1)};
|
||||||
|
|
||||||
|
std::error_code ec;
|
||||||
|
std::string enc_str1 = obj.signature(ec);
|
||||||
|
ASSERT_FALSE (ec);
|
||||||
|
|
||||||
|
obj.secret(secret2);
|
||||||
|
std::string enc_str2 = obj.signature(ec);
|
||||||
|
ASSERT_FALSE (ec);
|
||||||
|
|
||||||
|
EXPECT_EQ (enc_str1, enc_str2);
|
||||||
|
}
|
||||||
|
|
||||||
int main(int argc, char **argv)
|
int main(int argc, char **argv)
|
||||||
{
|
{
|
||||||
::testing::InitGoogleTest(&argc, argv);
|
::testing::InitGoogleTest(&argc, argv);
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue